06/03/2015

Privacy Rights - The United Nations Steps Up

by Neil Farquharson

I’m a big fan of Brian Krebs and his daily blog KrebsOnSecurity. Back in March, Brian reminded us that the IRS remains in apparent disarray with its “Get Transcript” function available on IRS.gov, making it very easy for criminals to get a copy of anyone’s previous year’s tax return, fill in a bogus one for the current year, and claim a tax refund under someone else’s name shortly after January 31st. For you and me , this issue is no surprise – we’ve been hearing about it for years. But, what did come as a great surprise to me were the discoveries of Mr. Michael Kasper, a reader of KrebsOnSecurity who shared his experience on being a victim of the above IRS scam. When Kasper found the person who had received the bogus tax refund of $8,936, that person turned out to be a student at a university who had responded to a Craigslist ad for a moneymaking opportunity. In a situation reminiscent of a Nigerian 419 Scam, the student had received the sum into her bank account, kept a portion, and wire transferred the rest to her “employer;” the only difference being that in this case the money actually existed – and wasn’t hers. In March, Fast Company posted an interesting article on "espionage as a service." With espionage as a service, clients post requests for hacks and offer fees for these services. For payments ranging from, say, $90 to $350, users openly post ads offering to hack into computers and online accounts, knock servers offline with denial-of-service attacks, track down people’s personal information and break into Gmail and Facebook accounts. And just as in the case of the university student in the IRS scam above, none of these people seem to realize that what they are doing is criminal. Somehow new technologies that have enabled this type or behavior have diluted people’s sense of right and wrong. Western governments are struggling to find a balance between protecting society against criminals while also protecting our privacy rights. Against the current background of calls from the U.S. and U.K. governments to hobble encryption, the U.N. Human Rights Council will be debating these issues in a session running from June 16th to July 3rd. Questions to be posed by a Special Rapporteur revolve around the issue of privacy as a human right. In short, is it ethical for people to view your email account, Facebook account, bank account or IRS submissions just because they can? If private information is accessible via the internet, does it cease to be private or is it fair game to be hacked, cracked, skimmed or cloned? While the U.N. and governments debate these issues endlessly, we ordinary folks need to protect our personal and business information as best we can and remember never to include sensitive information in emails unless there is a proper encryption solution in place. There are a number of email encryption solutions available, however the best are widely agreed to be the Zix email encryption solutions. The Zix solutions are not only very secure, but also the easiest for you, your business partners and your clients to use. An advance copy of the U.N. report can be downloaded here. Zix email encryption solutions can be found here.